The deadline for Scottish public bodies to become Cyber Essentials certified is fast approaching.

Posted on 4th September 201817th December 2019 by Megan McGinty

Written by: Megan McGinty

Share on Social

The Scottish Government published A Cyber Resilience Strategy for Scotland: Public Sector Action Plan in November 2017, which has been the driving force behind Cyber Essentials adoption in the public sector.

All public sector bodies are required to be Cyber Essentials certified by October 2018.

This measure was designed to safeguard Scotland’s public bodies from cyber attacks by requiring them to put common cyber security measures in place across their organisations.

The action plan came in the wake of the WannaCry ransomware attack in May 2017, which affected several NHS boards across Scotland.

The UK government introduced Cyber Essentials as a cost-effective mechanism for organisations of all sizes in the public and private sector to demonstrate that they have important cyber security controls in place.

Organisations can choose between:

Cyber Essentials – the minimum certification an organisation needs to implement in order to bid for new public sector contracts which include the transfer of public sector identifiable information.
Cyber Essentials Plus – a more rigorous test of your organisation’s cyber security systems where our cyber security experts carry out vulnerability tests to make sure that your organisation is protected against basic hacking and phishing attacks.
With Cyber Essentials Online, the Cyber Essentials Fast Track option is also available, which gets organisations certified in 24 hours*

The certification offers five security controls which the Government states could prevent around 80% of cyber attacks:

Patch management
Malware protection
Boundary firewalls and internet gateways
Secure configuration
Access control

Cyber Essentials is for all organisations, of all sizes, and in all sectors. The Government encourages all organisations to look at the requirements and adopt them.

The next step to becoming Cyber Essentials certified is completion of the self-assessment questionnaire. You can download a sample of the questionnaire here.

* Office hours are based on UK working time 9am-5pm Monday -Thursday and 9am-2pm on Fridays. Fast Track applications made out with these times cannot be guaranteed for a 24-hour turnaround.